<?php
/***************************************************************************
 *
 *   copyright            : (C) 2005 Winds of Storm
 *
 *   $Id: phpbb_fal.php,v 1.11 2007/02/11 12:23:06 nonny Exp $
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

//
// Function taken from phpBB2 includes/functions.php
//
function encode_ip ($dotquad_ip) {
	$ip_sep = explode('.', $dotquad_ip);
	return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}

$smilies_limit          = "ORDER BY smilies_id LIMIT 0,21";
$smile_pattern_field    = "code";
$smile_url_field        = "smile_url";
$users_table		= $config['FORUM_DB_PREFIX'] . "users";
$smilies_table          = $config['FORUM_DB_PREFIX'] . "smilies";
$group_table		= $config['FORUM_DB_PREFIX'] . "user_group";
$ban_table		= $config['FORUM_DB_PREFIX'] . "banlist";

$avatars_html_path      = $config['FORUM_BASE_URL'] . "images/avatars/";
$smilies_path           = $config['FORUM_BASE_URL'] . "images/smiles/";
$smilies_all_url        = $config['FORUM_BASE_URL'] . "posting.php?mode=smilies";

function getAvatar($userinfo) {
	// returns URL to the avatar to display for the user
	global	$db2;
	global	$dbprefix;
	global	$config;
	global	$avatars_html_path;

	if ($userinfo['avatar'] != "" && $userinfo['avatar'] != "noavatar") {
		if (!eregi("://", $userinfo['avatar'])) {
			// http://fantasticbyways.lunarpages.com/forums/html/avatars/IPB_Community_Pack/Meow.gif
			$avatar = $avatars_html_path . $userinfo['avatar'];
		} else {
			$avatar = $userinfo['avatar'];
		}
		$avatar = addslashes($avatar);
	}

	return $avatar;
}

function getProfileURL($userinfo) {
	global	$config;

	$url	= $config['FORUM_BASE_URL'] . "profile.$phpEx?mode=viewprofile&u=" . $userinfo['userid'];
	return $url;
}

function checkAuth($username, $password, $modGroup, $checkAdmin) {
	// success: return user info array
	// failure: return error string
	global	$db2;
	global	$users_table;
	global	$group_table;

	addToLog("checkAuth: $username, $password, $modGroup, $checkAdmin");
	if ($modGroup != -1) {
		$sql_g1	= ",g.group_id";
		$sql_g2	= "
				LEFT JOIN $group_table AS g ON u.user_id=g.user_id AND
				g.group_id=$modGroup AND
				g.user_pending=0";
	}

	$pw5    = md5($password);
	$sql    = "SELECT u.*$sql_g1
	        	FROM
				$users_table AS u $sql_g2
	        	WHERE
				username LIKE '$username' AND
				user_password='$pw5'";

        $str_sql	= ereg_replace("\t", "", $sql);
        $str_sql	= ereg_replace("\n", " ", $str_sql);
        addToLog("authLogin: Login SQL -- $str_sql");

        $result	= $db2->sql_query($sql);
        if (!$result) {
		return "Error authenticating account, please try back later.";
        }

        if (($row = $db2->sql_fetchrow($result)) == NULL) {
                addToLog("Login failed from " . $_SERVER['REMOTE_ADDR'] . " (" . $_SERVER['HTTP_USER_AGENT'] . ") -- user " . $_REQUEST['username'] . " -- pass " . $_REQUEST['password']);
                return "Error logging in: possible reasons are an invalid username or authentication failure.";
        }

	if ($row['user_active'] != 1) {
		return "Error logging in: account is inactive.";
	}

	$userinfo['user_id']	= $row['user_id'];
	$userinfo['username']	= $row['username'];
	$userinfo['moderator']	= 0;
	if (($row['group_id'] == $modGroup) || ($row['user_level'] == 1)) {
		$userinfo['moderator']  = 1;
	}
	$userinfo['avatar']	= $row['user_avatar'];

	if ($checkAdmin && $row['user_level'] != 1) {
		return "Error logging in: account is not an administrator.";
	}

	$sql	= "UPDATE $users_table SET user_lastvisit_chat=UNIX_TIMESTAMP(NOW()) WHERE user_id={$row['user_id']}";
	$db2->sql_query($sql);

	return	$userinfo;
}

function checkBoardBan($ip, $userid) {
	// returns boolean result
	global	$db2;
	global	$dbprefix;
	global	$config;
	global	$ban_table;

	// check to make sure that this user and/or the users IP are not banned
	$eip    = encode_ip($ip);
	$sql    = "SELECT * FROM $ban_table WHERE ban_userid=$userid OR ban_ip='$eip'";
	$result = $db2->sql_query($sql);
	
	if (!$result) {
		show_login("Error checking ban listings, please try back later.");
		exit;
	}

	if ($db2->sql_numrows($result) > 0) {
		return TRUE;
	}

	return FALSE;
}

function checkValidAlias($alias, $uid) {
	// returns boolean result
	global	$db2;
	global	$users_table;

        $sql    = "SELECT * FROM $users_table WHERE username LIKE '$alias' AND user_id != $uid";
        $result = $db2->sql_query($sql);
        if ((($row = $db2->sql_fetchrow($result)) != NULL) && ($uid != 2)) {
                return -2;
        }
}
?>
